Description

It may be necessary in certain instances where a single Active Directory user may require Read permissions to all archives. These can be manually applied per archive; however for larger environments, it would be too time-consuming of a task.

This can be done using the Enterprise Vault Management Shell, by using the Set-EVArchivePermission cmdlet. This is the equivalent of manually adding permissions to each archive and does not over-write any existing permissions.

1. Navigate to Start --> All Apps --> Enterprise Vault Management Shell
2. Enter the following command after editing DOMAIN\user to the user account needing Read access:
   
   Get-EVArchive | Set-EVArchivePermission -Trustee DOMAIN\User -Grant Read
    
3. In the above syntax, Trustee can be used to also target a specific Active Directory group.
4. Depending on the EV version, you may be prompted with a confirmation of the operation and given the following options (newer versions do not list these options):
   1. [Y] Yes
   2. [A] Yes to All
   3. [N] No
   4. [L] No to All
   5. [S] Suspend
5. Selecting [Y] will prompt confirmation for each user, where selecting [A] will perform the operations for all archives without interruption.
6. Once completed, the granted user will have manually set Read rights applied on all archives.

Note: The Archives list in the Vault Administration Console may need to be refreshed before the permissions will show as added to the individual archives.